The auditing standards for journal entry testing must be the basis of selecting journal entries. An understanding of standards and the exercise of professional judgment can never be replaced. The following fraud data analytics methodology is intended to create a framework to help the auditor meet the intent of the professional standards of auditing. To assist the reader, we will start with an excerpt from the standard:
This chapter will discuss how to use the fraud scenario approach for journal entries and then provide seven different frameworks to create an overall fraud data analytics plan for journal entry testing for financial accounts. The last section will illustrate my experiences with how controllers have used journal entries to conceal asset misappropriation schemes.
Journal entries are the tool of choice when management wants to cause the financial statements to be misstated. The reason is that it is simple: Debit receivables for a million and credit revenue a million. It is that easy.
The methodology or components for writing a fraud scenario for financial accounts are the same as for writing a fraud scenario for a specific financial account. What differs is the guidance on using the components of the fraud scenario in creating a fraud data analytics plan. First, what are the similarities?
What differs is the concept of creating the fraud action statement and the fraud data profile. First, let's look at the similarities for creating a fraud action statement:
So, what is the difference in creating the fraud action statement? The difference is the fundamental difference between a source journal and a general journal entry. The source journal is a series of individual transactions that are posted in total to the general ledger. The general journal entry was created by a person for a reason. In previous chapters, we discussed the concepts of how, when, and where. For journal entries, the why question becomes the critical aspect of creating the fraud action statement. Other obvious differences are the following:
The following provides examples of how to write a financial statement fraud scenario using the prescribed format:
For purposes of illustration, I have intentionally written the previous fraud scenarios with a different style. Remember, style is in the eye of the beholder, whereas content of the scenario is required by the methodology. I would encourage the audit unit to adopt a writing style purely from an efficiency standpoint.
The fraud action statement should include the reason why the journal entry was posted. The reason for recording the entry is a critical aspect of the fraud action statement. The reason is based on the assumption for recording the entry. Typical reasons correlate to the types of journal entries: accrue, adjust, reclassify, and reverse:
The question is simple. Was the journal entry posted before year‐end or after year‐end? What is the proximity of the journal entry to the opinion date? Was the account balance reversed? Should the journal entry be tested now, or should retrospective analysis be performed on journal entries posted after year‐end? The answer to the when question has a major impact on the timing of the fraud data analytics plan. I also think the when question is a critical part of the predictability consideration as to where management records the fraudulent journal entries.
To be clear, in this chapter we are not discussing journal entries that post a source journal to the general ledger. This chapter is about journal entries that are created by a person to adjust an account balance, reclassify a transaction, or reverse a journal entry from a previous period. Our discussion will focus on year‐end reporting, although the methodology is the same for any reporting period. From a GAAS perspective, there are four types of journal entries:
From a fraud data analytics perspective, I will use the following terms to describe the journal entries:
Auditors select journal entries for the purpose of testing internal controls for recording a journal entry and to perform substantive procedures on account balances. GAAS provides guidance on determining the nature, timing, and extent of substantive testing of journal entries. This book will not duplicate that guidance, but rather provide fraud data analytic procedures to assist the fraud auditor in the detection of journal entries that are intended to materially misstate the financial statements.
The first report was described in Chapter 13, which was a summary of the trial balance by the source of the entry and the debits and credits, which form the account balance. This report is very useful in targeting accounts that are composed solely of journal entries. The report will also allow the auditor to ensure the completeness of the population because the account totals produced from the report will need to be reconciled or matched to the general ledger produced from the company's automated system.
The second report is a summary of journal entry activity by individual. The summary should focus on:
The third report is a summary of journal entries by type of journal entry. The type field is dependent on the codes used by the company. The first report should be a summary by type, providing the aggregate dollar value, frequency of posting, maximum dollar, minimum dollar, and the average dollar. Based on the company, the report could be summarized by:
The remaining reports should be designed for the concept of data availability, reliability, and usability:
The following fraud data analytics approaches are designed to locate a fraud scenario recorded through a general journal entry:
The nature, timing, and extent of journal entry testing is an important question. The difference between internal control testing of journal entries and the search for journal entries that have a fraudulent material impact on a financial account is also a critical question. The combination of the two important questions must be incorporated into the fraud data analytics plan.
The fraud data analytics plan for journal entries is not one‐dimensional. It is not just picking one strategy but considering all the strategies consistent with the auditor's understanding of the entity's financial reporting process.
The simple answer is that the journal entry is an extreme deviation from the standard journal entry. The answer is perfectly accurate but perfectly useless. By the way, that is a variation of an old accounting joke. The question, however, is a critical question in the development of a data interrogation plan. The answer to the question starts with the fraud scenario; the remaining parts of the answer are: the financial account; materiality; the general anomalies; and the company‐specific anomalies. The sample selection is then based on a composite score of the journal entry.
The scoring sheet concept was first introduced in Chapter 6 and referred to in many chapters. The concept is simple: The auditor identifies a series of attributes, assigns a risk rating to the attribute (1, 2, or 3), and then calculates a score for each journal entry within the analysis. The sample selection is based on the journal entries with the highest score.
The system works best on a specific account or combination of accounts. The system starts with the fraud scenarios. The next considerations are the direction of testing, materiality, general attributes of journal entries, and at least one company‐specific consideration. The direction of testing and materiality are a requirement of the scoring sheet. It is recommended that at least three common or company‐specific attributes are used to minimize false positives. However, in reality, the fraud auditor needs to exercise judgment on the number of attributes to use:
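The scoring sheet can be expressed as a short routine. The following is an added example, not taken from the book: the account numbers, thresholds, attribute list, and the rule that an entry earns an attribute's rating only when the attribute applies are all assumptions chosen for illustration, and the journal entries are constructed.

```python
from dataclasses import dataclass
from datetime import date
from decimal import Decimal

@dataclass
class Entry:
    je_id: str
    posted: date
    user: str
    debit_acct: str
    credit_acct: str
    amount: Decimal

# Assumed engagement parameters (hypothetical, set by the auditor's judgment).
YEAR_END = date(2023, 12, 31)
MATERIALITY = Decimal("250000")
REVENUE_ACCTS = {"4000", "4010"}   # assumed scenario: overstated revenue

# Scoring sheet: (attribute, risk rating 1-3, test applied to one entry).
# Direction of testing and materiality are always on the sheet.
SHEET = [
    ("direction: credit to revenue", 3, lambda e: e.credit_acct in REVENUE_ACCTS),
    ("amount at or above materiality", 3, lambda e: e.amount >= MATERIALITY),
    ("posted within 5 days of year-end", 2,
     lambda e: abs((e.posted - YEAR_END).days) <= 5),
    ("round-thousand amount", 1, lambda e: e.amount % 1000 == 0),
    ("posted by controller (company-specific)", 2, lambda e: e.user == "controller"),
]

def score(entry):
    """Return (composite score, names of the attributes that applied)."""
    fired = [(name, rating) for name, rating, test in SHEET if test(entry)]
    return sum(r for _, r in fired), [n for n, _ in fired]

def select_sample(entries, top_n):
    """Rank entries by composite score, highest first, and keep top_n."""
    ranked = sorted(entries, key=lambda e: (-score(e)[0], e.je_id))
    return [(e.je_id, *score(e)) for e in ranked[:top_n]]

# Constructed sample journal entries.
ENTRIES = [
    Entry("JE-001", date(2023, 12, 30), "controller", "1200", "4000", Decimal("1000000")),
    Entry("JE-002", date(2023, 6, 15), "clerk", "6100", "2100", Decimal("1234.56")),
    Entry("JE-003", date(2023, 12, 29), "clerk", "1200", "4010", Decimal("80000")),
    Entry("JE-004", date(2024, 1, 3), "controller", "4000", "1200", Decimal("300000")),
]

if __name__ == "__main__":
    for je_id, total, fired in select_sample(ENTRIES, 2):
        print(je_id, total, fired)
```

Keeping the list of attributes that applied next to each score lets the auditor see why an entry ranked where it did before pulling the supporting documentation.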
Every financial statement has key operating statistics, by which investors or bankers evaluate the financial soundness of the company. Each operating statistic links to a general ledger account. The first step is to understand which accounts are most likely to be misstated. The second step is to understand the accounting policies and GAAP surrounding those accounts. The disaggregated approach is not intended for every general ledger account, but rather the key general ledger account or accounts that are comprised of a subledger by design, such as accounts receivable. The planning report for the trial balance is the first disaggregated report.
Many journal entries look like any other journal entry at face value—there are debits and credits. They tend to be large numbers that post to a general ledger control account. Behind that control number is a subledger that typically comprises many subaccounts. Those subaccounts comprise transactions from a source journal and transactions from journal entries. The disaggregated approach is to dissect the general ledger account into its smallest component. In this way, the large journal entry with a large number becomes a smaller journal entry with a lot of small numbers posted to individual accounts. The analysis uses summary features by both dollar and record count, using the subledger impact versus the control account impact.
The sample selection can be based either solely on materiality or on data interpretation using the red flag concept.
The fraud data analytics approach is based on the study of previous financial statement frauds. The knowledge is invaluable for the fraud auditor in both the internal control testing and the substantive testing performed by the auditor.
In internal control testing, the red flag approach should be called educated skepticism methodology. The knowledge tells the auditor that the observable event has been linked to prior financial statement frauds. Thereby, the knowledge would alert the auditor to the susceptibility of intentional misstatement of a financial account.
The red flag has two approaches—red flag associated with an individual journal entry or red flag associated with a general ledger account where fraudulent journal entries are oftentimes posted. The journal entry red flag is most effective for control testing, whereas the general ledger red flag is most effective for substantive testing.
In fraud data analytics, the red flag can be used to design a specific search criterion. The historical red flag approach can occur at the journal entry level or the impact on an account level. From a practical perspective, the methodology is easy to use. The following is a list of historical red flags that have occurred in previous companies in no specific order.
Journal entry testing by its nature indicates that we are selecting journal entries for either control testing or substantive testing. However, many high‐profile financial statement frauds occurred because an entry was not posted. The following two situations will illustrate the concept. I have intentionally not identified the company.
The business plan for a corporation in the retail industry called for expansion and building of new retail locations. The accounting practice was to record all costs associated with inspecting new sites in the property, plant, and equipment ledger directly from the purchases journal. When a decision was made not to build at the site, a journal entry transferring the costs from an asset account to an operating expense account was never recorded. The absence of a journal entry overstated operating net income.
A corporation in the business of renting home furnishings and office furniture intentionally did not write off any assets held for rental that were damaged or stolen by the renter. When the results of the physical inventory internal control revealed that rental furnishings were destroyed or missing, senior management instructed staff not to record a journal entry recognizing the write‐off of the rental assets. The absence of a journal entry overstated operating net income.
The absence of an entry requires the fraud auditor to understand the company's business and the accounting practices for the specific general ledger account. The fraud data analytics then targets the specific accounts, searching for accounts where there is an absence of a journal entry when a journal entry would be expected.
One of the problems in falsifying the financial statements is that financial management does not know how much to misstate the financial account until the source journals are recorded. At that point, financial management knows what is necessary to meet their numbers. However, after the financial statements are issued, the process of falsifying the statements starts over. The strategies for timing analysis are:
Each journal entry has a written description explaining the purpose of the journal entry. Similar to the word searching approach used in FCPA audits, the fraud data analytics could search the description field for anomalies or keywords. The fraud theory is that journal entries that are created with an evil motive are more likely to be brief or vague.
The first step is to understand the business practices of the accounting department in writing the journal entry description. Is the business practice to write a brief or verbose description in the description field?
The second step is to perform an alpha count on the description field to determine the average number of alpha positions in the description field. Using the alpha count, the fraud data analytics creates a file of journal entries that contain fewer than the average number of alpha positions. The next step is to summarize the journal entries by a logical grouping, such as by person, by timing, or by account. The sample selection can either be journal entries that contain fewer than x number of alpha positions or be made through the data interpretation strategy using the auditor's business knowledge and the listing of historical red flags.
Another approach is to search on keywords in the journal entry description field. Once again, the auditor needs to understand the normal accounting practices for the description field. The approach can focus on either common words such as estimate or estimation or specific words such as correct or fix.
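The alpha count and the keyword search can be run together over the description field. The following is an added example, not taken from the book: the entry identifiers, preparer names, and descriptions are constructed, and whole-word matching is an assumption about how the keyword test is applied.

```python
import re
from collections import Counter
from statistics import mean

# Constructed sample: (entry id, preparer, description).
ENTRIES = [
    ("JE-101", "asmith", "Accrue December utilities per vendor invoice estimate"),
    ("JE-102", "bjones", "adj"),
    ("JE-103", "bjones", "Fix rev"),
    ("JE-104", "asmith", "Reclassify freight from COGS to selling expense per policy"),
    ("JE-105", "bjones", "Correct Q4 12/31"),
    ("JE-106", "clee", "Reverse prior month accrued revenue for contract 7781"),
]
# Keywords named in the text above.
KEYWORDS = {"estimate", "estimation", "correct", "fix"}

def alpha_count(text):
    """Number of alphabetic positions; digits, spaces and punctuation are ignored."""
    return sum(ch.isalpha() for ch in text)

def short_descriptions(entries):
    """Return the population average and the entries below it."""
    avg = mean(alpha_count(desc) for _, _, desc in entries)
    below = [(je_id, user, alpha_count(desc))
             for je_id, user, desc in entries if alpha_count(desc) < avg]
    return avg, below

def by_person(below):
    """Summarize the below-average entries by preparer."""
    return Counter(user for _, user, _ in below)

def keyword_hits(entries, keywords=KEYWORDS):
    """Map entry id to the keywords found as whole words, case-insensitively."""
    hits = {}
    for je_id, _, desc in entries:
        found = sorted(set(re.findall(r"[a-z]+", desc.lower())) & keywords)
        if found:
            hits[je_id] = found
    return hits

if __name__ == "__main__":
    avg, below = short_descriptions(ENTRIES)
    print("average alpha count:", avg)
    print("below average:", below)
    print("by person:", dict(by_person(below)))
    print("keyword hits:", keyword_hits(ENTRIES))
```

In the constructed data, JE-101 has a long description yet still matches a keyword, which is why the two tests are reported separately.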
The focus of the why approach is to study journal entries that occur for a specific purpose and correlate to a specific category of accounts. As stated in the anomaly testing, an anomaly is a deviation from the norm. So, the first step is to create a common grouping of journal entries over a period of time. I would encourage you to use a complete accounting cycle. To illustrate the concept, we will use accrued revenue. Let's further assume the general ledger has multiple accounts associated with accrued revenue. The fraud data analytics would create a summary of the journal entries impacting only those accounts. The last decision is whether to use the balance sheet account or the revenue account. I would encourage the use of the balance sheet account. The analysis should further segregate reversals of the prior month from the entry that created the accrued revenue. The summary is by the person recording the entry or by a logical grouping of accounts:
In my experience, when financial management is involved in asset misappropriation schemes, they understand that the theft has an impact on the bottom line. They also understand the financial audit process. The predictability of the audit process has been identified as one of the reasons for audit failure. The following red flags are common with asset misappropriation schemes:
The beginning of the chapter stated that journal entry fraud was simple—debit receivables for a million and credit revenue a million. It is that easy. Unfortunately, locating the entry is not so easy. General ledgers today are massive, and the ledger contains millions of transactions. The process of building a fraud data analytics plan for locating the adjusting, reversal, or reclassifying journal entry requires a superior knowledge of the industry and company accounting practices. The timing of journal entries that cause a material impact on the financial statement is usually near the opinion date. The opinion date is therefore an important consideration for the CPA offering the opinion. If there are no opinion date considerations, then designing the plan becomes much easier.
The chapter has provided several strategies for designing the fraud data analytics plan. Most likely, the final plan will be based on the nature of the general ledger accounts in the plan. The timing of the analysis will be determined by the purpose of the plan. The use of the different strategies will be based on the knowledge and judgment of the auditor. Good luck.